Jean-Luc Makiola
2853477a75
Phases 28-31 archived to milestones/v2.2-phases/ Requirements and roadmap snapshots archived to milestones/ Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
4.1 KiB
Phase 28: Profile & Logto Integration - Discussion Log
Audit trail only. Do not use as input to planning, research, or execution agents. Decisions are captured in CONTEXT.md — this log preserves the alternatives considered.
Date: 2026-04-12 Phase: 28-profile-and-logto-integration Areas discussed: Profile page content, Account management flow, Login/registration branding, Logto configuration
Profile Page Content
| Option | Description | Selected |
|---|---|---|
| Account info + stats | Show email, member since, gear stats (item count, setup count, collection weight) | |
| Account info only | Add email and member-since date from Logto. Keep it simple. | ✓ |
| You decide | Claude picks what makes sense |
User's choice: Account info only Notes: Stats belong on the collection page, not the profile.
| Option | Description | Selected |
|---|---|---|
| Keep in Settings | Profile section stays at top of /settings | |
| Separate /profile page | Dedicated profile page with its own nav entry | ✓ |
| You decide | Claude picks based on content |
User's choice: Separate /profile page
| Option | Description | Selected |
|---|---|---|
| View only in GearBox | Email read-only, changes in Logto | |
| Editable via Logto API | Email change initiated from GearBox | ✓ |
User's choice: Editable via Logto Management API Notes: "I never want them going to Logto, it just handles auth etc." — Strong preference that Logto is invisible to users.
Account Management Flow
| Option | Description | Selected |
|---|---|---|
| Full account management | Change email, password, delete, manage sessions | |
| Essentials only | Change password and view email only | |
| Password + email + delete | The three things users actually need | ✓ |
User's choice: Password + email + delete
| Option | Description | Selected |
|---|---|---|
| Section on profile page | Password change as collapsible section | |
| Separate security section | Tabs: Profile / Security / Danger Zone | |
| You decide | Claude picks the layout | ✓ |
User's choice: You decide (Claude's discretion)
| Option | Description | Selected |
|---|---|---|
| Full delete | Delete everything — items, setups, threads, profile. Remove from Logto. | |
| Anonymize, keep content | Public setups/contributions stay (attributed to "deleted user"). Personal data deleted. | ✓ |
| You decide | Claude picks |
User's choice: Anonymize, keep content
Login/Registration Branding
| Option | Description | Selected |
|---|---|---|
| Full brand match | Custom CSS/logo on Logto, custom domain, seamless experience | ✓ |
| Logo + colors only | GearBox logo and primary colors, keep Logto default layout | |
| Skip branding for now | Focus on functionality, brand later |
User's choice: Full brand match
| Option | Description | Selected |
|---|---|---|
| Google + GitHub | Both social login providers | ✓ |
| Google only | Just Google for widest reach | |
| Not now | Email + password only for launch |
User's choice: Google + GitHub
Logto Configuration
| Option | Description | Selected |
|---|---|---|
| Required at signup | Email must be verified before account is usable | ✓ |
| Required within 7 days | Can start using immediately, verify within a week | |
| Optional | Available but not required |
User's choice: Required at signup
| Option | Description | Selected |
|---|---|---|
| Strong (8+ chars, mixed case, number) | Standard security policy | ✓ |
| Minimum only (8+ chars) | Just length, no complexity | |
| You decide | Claude picks reasonable defaults |
User's choice: Strong password policy
Claude's Discretion
- Profile/account page layout (tabs vs sections)
- Logto Management API integration details (M2M token setup)
- Email change verification flow UX
- Password change form design
- Account deletion confirmation UX
Deferred Ideas
None — discussion stayed within phase scope